EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
Jasmin Landry
JR0ch17
Lead, IT & Security at
Montreal Canadiens fan

GET /agenda HTTP/2
EASM
Common mistakes
Hacker perspective

GET /EASM HTTP/2
What exactly is EASM?
What does it cover?
Why is it important?

GET /common_mistakes HTTP/2
Lack of Change Management
Not respecting Least Privilege
Misconfigured WAFs
Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and